4.76 possible regression: bluetoothd segfaults when launching bluetooth programs

It all started after upgrading bluez from 4.69 to 4.76.
'hcitool scan' works and bluetoothd starts normally, but when launching
any related program (e.g. the GNOME bluetooth-applet), bluetoothd dies with a segfault:
  Oct 24 11:31:01 IL kernel: bluetoothd[3894]: segfault at 0 ip
  b7632653 sp bfee9b5c error 4 in libc-2.12.1.so[b75be000+145000]

Downgrading to 4.69 helps; I don't even have to reboot, just
restart bluetoothd.

Additional info:
* package version(s)
kernel26 2.6.35.7
bluez 4.76
dbus 1.4.0

$ lsusb | grep lue
Bus 003 Device 002: ID 0a5c:2121 Broadcom Corp. BCM2210 Bluetooth

Compiled with debug flags; gdb output attached.
dbus_message_iter_append_basic () is called 7 times after another bt
program starts.
Params seem valid:

Breakpoint 1, 0xb7e4e616 in dbus_message_iter_append_basic () from /usr/lib/libdbus-1.so.3
(gdb) print (void*)($esp+0)
$1 = (void *) 0xbffff3c0
(gdb) print *(char*)($esp+4)
$2 = 115 's'
(gdb) print **(char***)($esp+8)
$3 = 0xb80474f0 "0000110e-0000-1000-8000-00805f9b34fb"
(gdb) finish
Run till exit from #0  0xb7e4e616 in dbus_message_iter_append_basic () from /usr/lib/libdbus-1.so.3

Program received signal SIGSEGV, Segmentation fault.
0xb7d3e653 in strlen () from /lib/libc.so.6
(gdb) 
[root@IL packages]# gdb --args /home/il/builds/bluez-debug/src/src/bluez-4.76/src/.libs/bluetoothd -n
GNU gdb (GDB) 7.2
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /.snapshots/persist/builds/bluez-debug/src/src/bluez-4.76/src/.libs/bluetoothd...(no debugging symbols found)...done.
(gdb) r
Starting program: /.snapshots/persist/builds/bluez-debug/src/src/bluez-4.76/src/.libs/bluetoothd -n
[Thread debugging using libthread_db enabled]
bluetoothd[20561]: Bluetooth deamon 4.76
bluetoothd[20561]: Starting SDP server
bluetoothd[20561]: HCI dev 0 registered
bluetoothd[20561]: HCI dev 0 up
bluetoothd[20561]: Starting security manager 0
bluetoothd[20561]: Clearing blocked list failed: Invalid argument (22)
bluetoothd[20561]: probe failed with driver input-headset for device /org/bluez/20561/hci0/dev_00_1B_98_A3_A5_2B
bluetoothd[20561]: probe failed with driver input-headset for device /org/bluez/20561/hci0/dev_00_1D_6E_4F_54_EA
bluetoothd[20561]: probe failed with driver input-headset for device /org/bluez/20561/hci0/dev_A8_7E_33_D7_29_DB
bluetoothd[20561]: Adapter /org/bluez/20561/hci0 has been enabled
bluetoothd[20561]: Inquiry Failed with status 0x12
^C
Program received signal SIGINT, Interrupt.
0xb7f73424 in __kernel_vsyscall ()
(gdb) b dbus_message_iter_append_basic
Breakpoint 1 at 0xb7e4e616
(gdb) c
Continuing.

====================
here I start another program
====================

Breakpoint 1, 0xb7e4e616 in dbus_message_iter_append_basic () from /usr/lib/libdbus-1.so.3
(gdb) c 6
Will ignore next 5 crossings of breakpoint 1.  Continuing.

Breakpoint 1, 0xb7e4e616 in dbus_message_iter_append_basic () from /usr/lib/libdbus-1.so.3
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
0xb7d3e653 in strlen () from /lib/libc.so.6
(gdb) bt
#0  0xb7d3e653 in strlen () from /lib/libc.so.6
#1  0xb7e5eb10 in ?? () from /usr/lib/libdbus-1.so.3
#2  0xb7e4a34b in ?? () from /usr/lib/libdbus-1.so.3
#3  0xb7e4e7a9 in dbus_message_iter_append_basic () from /usr/lib/libdbus-1.so.3
#4  0xb7fef03d in append_array_variant ()
#5  0xb7fef799 in emit_array_property_changed ()
#6  0xb7fe4de4 in adapter_service_ins_rem ()
#7  0xb7fd7fb1 in sdp_record_add ()
#8  0xb7fd79de in service_register_req ()
#9  0xb7fd5dfc in handle_request ()
#10 0xb7fd496e in io_session_event ()
#11 0xb7ef7a2b in ?? () from /usr/lib/libglib-2.0.so.0
#12 0xb7eb0b72 in g_main_context_dispatch () from /usr/lib/libglib-2.0.so.0
#13 0xb7eb1350 in ?? () from /usr/lib/libglib-2.0.so.0
#14 0xb7eb1a1b in g_main_loop_run () from /usr/lib/libglib-2.0.so.0
#15 0xb7fd1bbd in main ()
(gdb) 
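As an added example (not part of the report above and not bluez or libdbus code), the following C program decodes kernel "segfault at ..." lines of the form quoted at the top of the report: it parses the fields, decodes the x86 page-fault error code, and computes the offset of ip inside the mapping the kernel named, which is what addr2line or objdump need to identify the faulting function without attaching gdb. The first sample line is the one from the report; the second is constructed for contrast (a write to a read-only page). The helper names and the "demo" process are assumptions for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Decoded form of one x86 "segfault at ..." line from the kernel log. */
struct segv_info {
    char comm[32];          /* process name, e.g. "bluetoothd" */
    long pid;
    unsigned long addr;     /* faulting data address */
    unsigned long ip;       /* instruction pointer at the fault */
    unsigned long sp;       /* stack pointer at the fault */
    unsigned err;           /* x86 page-fault error code */
    char object[128];       /* mapping that contains ip, e.g. "libc-2.12.1.so" */
    unsigned long map_base; /* start of that mapping */
    unsigned long map_size; /* length of that mapping */
};

/* Page-fault error code bits as used by arch/x86/mm/fault.c. */
enum {
    PF_PROT  = 1u << 0, /* set: protection violation; clear: page not present */
    PF_WRITE = 1u << 1, /* set: write access; clear: read access */
    PF_USER  = 1u << 2, /* set: fault raised in user mode */
    PF_RSVD  = 1u << 3, /* set: reserved bit set in a page-table entry */
    PF_INSTR = 1u << 4, /* set: instruction fetch */
};

/* Parse a line of the form
 *   <syslog prefix> kernel: NAME[PID]: segfault at A ip I sp S error E in OBJ[BASE+SIZE]
 * where A, I, S, BASE and SIZE are bare hex and E is decimal. Anything up to
 * and including "kernel: " is skipped. Returns false if the shape differs. */
bool parse_segfault_line(const char *line, struct segv_info *out)
{
    const char *p = strstr(line, "kernel: ");
    p = p ? p + strlen("kernel: ") : line;
    memset(out, 0, sizeof *out);
    int n = sscanf(p,
                   "%31[^[][%ld]: segfault at %lx ip %lx sp %lx error %u"
                   " in %127[^[][%lx+%lx]",
                   out->comm, &out->pid, &out->addr, &out->ip, &out->sp,
                   &out->err, out->object, &out->map_base, &out->map_size);
    return n == 9;
}

/* Offset of the faulting instruction inside its mapping: the value to give
 * "addr2line -e OBJ OFFSET" or to look for in "objdump -d OBJ". */
unsigned long ip_offset(const struct segv_info *s)
{
    return s->ip - s->map_base;
}

/* False means ip itself is bogus (e.g. a smashed return address), so the
 * named mapping is only where the kernel last saw valid code. */
bool ip_in_mapping(const struct segv_info *s)
{
    return s->ip >= s->map_base && s->ip < s->map_base + s->map_size;
}

/* Human-readable decoding of the error code bits. */
void describe_error(unsigned err, char *buf, size_t len)
{
    snprintf(buf, len, "%s %s, page %s%s",
             (err & PF_USER) ? "user-mode" : "kernel-mode",
             (err & PF_INSTR) ? "instruction fetch" : (err & PF_WRITE) ? "write" : "read",
             (err & PF_PROT) ? "present (protection violation)" : "not present",
             (err & PF_RSVD) ? ", reserved bit set" : "");
}

/* A user-mode access to a non-present page at a tiny address is the classic
 * signature of dereferencing NULL (or NULL plus a small field offset). */
bool looks_like_null_deref(const struct segv_info *s)
{
    return (s->err & PF_USER) && !(s->err & PF_PROT) && s->addr < 4096;
}

/* One-call wrappers over a raw log line. */
bool line_looks_like_null_deref(const char *line)
{
    struct segv_info s;
    return parse_segfault_line(line, &s) && looks_like_null_deref(&s);
}

unsigned long line_ip_offset(const char *line)
{
    struct segv_info s;
    return parse_segfault_line(line, &s) ? ip_offset(&s) : 0;
}

/* Sample input: the line from the report, plus a constructed contrast line. */
static const char *const SAMPLE_LINES[] = {
    "Oct 24 11:31:01 IL kernel: bluetoothd[3894]: segfault at 0 ip b7632653 sp bfee9b5c error 4 in libc-2.12.1.so[b75be000+145000]",
    "Oct 24 11:35:12 IL kernel: demo[4242]: segfault at 8048600 ip 08048456 sp bfa1c3d0 error 7 in demo[08048000+1000]",
};

int main(void)
{
    for (size_t i = 0; i < sizeof SAMPLE_LINES / sizeof SAMPLE_LINES[0]; i++) {
        struct segv_info s;
        char desc[96];
        if (!parse_segfault_line(SAMPLE_LINES[i], &s)) {
            printf("unparsed: %s\n", SAMPLE_LINES[i]);
            continue;
        }
        describe_error(s.err, desc, sizeof desc);
        printf("%s[%ld]: %s at 0x%lx; ip = %s+0x%lx (%s mapping)%s\n",
               s.comm, s.pid, desc, s.addr, s.object, ip_offset(&s),
               ip_in_mapping(&s) ? "inside" : "OUTSIDE",
               looks_like_null_deref(&s) ? "; likely NULL dereference" : "");
    }
    return 0;
}
```

For the reported line this yields "user-mode read, page not present" at address 0 with ip at libc-2.12.1.so+0x74653, i.e. a NULL pointer read inside libc, which is consistent with the strlen() frame at the top of the gdb backtrace. The offset can be resolved with addr2line or objdump against the distribution's libc build even when the daemon itself, as in the gdb session above, has no debugging symbols.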

